MDKA-2007:090 : bind

High Nessus Plugin ID 26044


The remote Mandrake host is missing one or more security-related patches.


A number of bugs in the BIND9 packages are fixed in this update:

Threading was disabled in the ISC BIND package shipped with Mandriva Linux 2007 and Corporate Server 4, because the host command did not work properly with threading enabled. This update only builds the host command without threading, while the rest of the bind server is once again SMP-aware.

The bogon ACL was too restrictive and accidentally contained IP address ranges for some root server networks.

The named daemon is chrooted by default, but logrotate files were being supplied that served no purpose as named performs it's own log rotating. The spurious logrotate files have been removed.

The updated packages correct these issues.


Update the affected package(s).

See Also

Plugin Details

Severity: High

ID: 26044

File Name: mandrake_MDKA-2007-090.nasl

Version: $Revision: 1.9 $

Type: local

Published: 2007/09/14

Modified: 2012/09/07

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: cpe:/o:mandriva:linux

Required KB Items: Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 2007/09/10